Sync documentation of main branch

actions-user · actions-user · commit 1e326a1a7f71 · 2025-09-30T02:02:32.000Z
diff --git a/_generated-doc/main/config/quarkus-all-config.adoc b/_generated-doc/main/config/quarkus-all-config.adoc
@@ -71490,6 +71490,34 @@ endif::add-copy-button-to-env-var[]
 a|tooltip:query[Authorization response parameters are encoded in the query string added to the `redirect_uri`], tooltip:form-post[Authorization response parameters are encoded as HTML form values that are auto-submitted in the browser and transmitted by the HTTP POST method using the application/x-www-form-urlencoded content type]
 |tooltip:query[Authorization response parameters are encoded in the query string added to the `redirect_uri`]
 
+a| [[quarkus-oidc_quarkus-oidc-authentication-cache-control]] [.property-path]##link:#quarkus-oidc_quarkus-oidc-authentication-cache-control[`quarkus.oidc.authentication.cache-control`]##
+ifdef::add-copy-button-to-config-props[]
+config_property_copy_button:+++quarkus.oidc.authentication.cache-control+++[]
+endif::add-copy-button-to-config-props[]
+
+
+`quarkus.oidc."tenant".authentication.cache-control`
+ifdef::add-copy-button-to-config-props[]
+config_property_copy_button:+++quarkus.oidc."tenant".authentication.cache-control+++[]
+endif::add-copy-button-to-config-props[]
+
+[.description]
+--
+Set of cache-control directives that must be set when a new session cookie is created, either after a successful authorization code completion or token refresh.
+
+Currently, only a `no-store` directive that prohibits caching the session cookie anywhere in the client request chain can be configured.
+
+
+ifdef::add-copy-button-to-env-var[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_AUTHENTICATION_CACHE_CONTROL+++[]
+endif::add-copy-button-to-env-var[]
+ifndef::add-copy-button-to-env-var[]
+Environment variable: `+++QUARKUS_OIDC_AUTHENTICATION_CACHE_CONTROL+++`
+endif::add-copy-button-to-env-var[]
+--
+a|list of `no-store`
+|
+
 a| [[quarkus-oidc_quarkus-oidc-authentication-redirect-path]] [.property-path]##link:#quarkus-oidc_quarkus-oidc-authentication-redirect-path[`quarkus.oidc.authentication.redirect-path`]##
 ifdef::add-copy-button-to-config-props[]
 config_property_copy_button:+++quarkus.oidc.authentication.redirect-path+++[]
diff --git a/_generated-doc/main/config/quarkus-oidc.adoc b/_generated-doc/main/config/quarkus-oidc.adoc
@@ -3079,6 +3079,34 @@ endif::add-copy-button-to-env-var[]
 a|tooltip:query[Authorization response parameters are encoded in the query string added to the `redirect_uri`], tooltip:form-post[Authorization response parameters are encoded as HTML form values that are auto-submitted in the browser and transmitted by the HTTP POST method using the application/x-www-form-urlencoded content type]
 |tooltip:query[Authorization response parameters are encoded in the query string added to the `redirect_uri`]
 
+a| [[quarkus-oidc_quarkus-oidc-authentication-cache-control]] [.property-path]##link:#quarkus-oidc_quarkus-oidc-authentication-cache-control[`quarkus.oidc.authentication.cache-control`]##
+ifdef::add-copy-button-to-config-props[]
+config_property_copy_button:+++quarkus.oidc.authentication.cache-control+++[]
+endif::add-copy-button-to-config-props[]
+
+
+`quarkus.oidc."tenant".authentication.cache-control`
+ifdef::add-copy-button-to-config-props[]
+config_property_copy_button:+++quarkus.oidc."tenant".authentication.cache-control+++[]
+endif::add-copy-button-to-config-props[]
+
+[.description]
+--
+Set of cache-control directives that must be set when a new session cookie is created, either after a successful authorization code completion or token refresh.
+
+Currently, only a `no-store` directive that prohibits caching the session cookie anywhere in the client request chain can be configured.
+
+
+ifdef::add-copy-button-to-env-var[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_AUTHENTICATION_CACHE_CONTROL+++[]
+endif::add-copy-button-to-env-var[]
+ifndef::add-copy-button-to-env-var[]
+Environment variable: `+++QUARKUS_OIDC_AUTHENTICATION_CACHE_CONTROL+++`
+endif::add-copy-button-to-env-var[]
+--
+a|list of `no-store`
+|
+
 a| [[quarkus-oidc_quarkus-oidc-authentication-redirect-path]] [.property-path]##link:#quarkus-oidc_quarkus-oidc-authentication-redirect-path[`quarkus.oidc.authentication.redirect-path`]##
 ifdef::add-copy-button-to-config-props[]
 config_property_copy_button:+++quarkus.oidc.authentication.redirect-path+++[]
diff --git a/_generated-doc/main/config/quarkus-oidc_quarkus.oidc.adoc b/_generated-doc/main/config/quarkus-oidc_quarkus.oidc.adoc
@@ -3079,6 +3079,34 @@ endif::add-copy-button-to-env-var[]
 a|tooltip:query[Authorization response parameters are encoded in the query string added to the `redirect_uri`], tooltip:form-post[Authorization response parameters are encoded as HTML form values that are auto-submitted in the browser and transmitted by the HTTP POST method using the application/x-www-form-urlencoded content type]
 |tooltip:query[Authorization response parameters are encoded in the query string added to the `redirect_uri`]
 
+a| [[quarkus-oidc_quarkus-oidc-authentication-cache-control]] [.property-path]##link:#quarkus-oidc_quarkus-oidc-authentication-cache-control[`quarkus.oidc.authentication.cache-control`]##
+ifdef::add-copy-button-to-config-props[]
+config_property_copy_button:+++quarkus.oidc.authentication.cache-control+++[]
+endif::add-copy-button-to-config-props[]
+
+
+`quarkus.oidc."tenant".authentication.cache-control`
+ifdef::add-copy-button-to-config-props[]
+config_property_copy_button:+++quarkus.oidc."tenant".authentication.cache-control+++[]
+endif::add-copy-button-to-config-props[]
+
+[.description]
+--
+Set of cache-control directives that must be set when a new session cookie is created, either after a successful authorization code completion or token refresh.
+
+Currently, only a `no-store` directive that prohibits caching the session cookie anywhere in the client request chain can be configured.
+
+
+ifdef::add-copy-button-to-env-var[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_AUTHENTICATION_CACHE_CONTROL+++[]
+endif::add-copy-button-to-env-var[]
+ifndef::add-copy-button-to-env-var[]
+Environment variable: `+++QUARKUS_OIDC_AUTHENTICATION_CACHE_CONTROL+++`
+endif::add-copy-button-to-env-var[]
+--
+a|list of `no-store`
+|
+
 a| [[quarkus-oidc_quarkus-oidc-authentication-redirect-path]] [.property-path]##link:#quarkus-oidc_quarkus-oidc-authentication-redirect-path[`quarkus.oidc.authentication.redirect-path`]##
 ifdef::add-copy-button-to-config-props[]
 config_property_copy_button:+++quarkus.oidc.authentication.redirect-path+++[]
diff --git a/_versions/main/guides/security-oidc-expanded-configuration.adoc b/_versions/main/guides/security-oidc-expanded-configuration.adoc
@@ -575,6 +575,7 @@ Session cookie is created after an authorizaion code flow is completed. An expir
 |quarkus.oidc.token.refresh-token-time-skew || Refresh token time skew
 |quarkus.oidc.authentication.session-age-extension |5 minutes| Session age extension
 |quarkus.oidc.authentication.session-expired-path || Session expired path
+|quarkus.oidc.authentication.cache-control || Set of Cache-Control header directives
 |====
 
 `quarkus.oidc.token.refresh-expired` can be used to enable automatic user session renewal when the user session has expired and the refresh token is available. This property is not enabled by default because with the automatic renewal, the user, after authenticating once, may not be asked to re-authenticate for a very long time. Therefore an admin level decision may be required to enable an automatic session renewal.
@@ -592,6 +593,9 @@ The `quarkus.oidc.token.refresh-token` property is automatically enabled if the
 
 See also the <<token-state-manager>> section for more information about managing session cookies.
 
+When a new session cookie is created, either after a successful authorization code flow completion or a token refresh, it may be necessary to control how the session cookie is managed by HTTP cache intermediaries and the browser cache.
+Currently, only a `Cache-Control` `no-store` directive that prohibits caching the session cookie anywhere in the client request chain can be configured.
+
 [[token-state-manager]]
 == Store authorization code flow tokens
 
diff --git a/_versions/main/guides/spring-web.adoc b/_versions/main/guides/spring-web.adoc
@@ -446,6 +446,11 @@ In addition to the method parameters that can be annotated with the appropriate
 `jakarta.servlet.http.HttpServletRequest` and `jakarta.servlet.http.HttpServletResponse` are also supported.
 For this to function however, users need to add the `quarkus-undertow` dependency.
 
+⚠️ Important: These types are only available when using the Classic RESTEasy stack (quarkus-resteasy / quarkus-resteasy-jackson) because they rely on the Servlet API provided by Undertow (quarkus-undertow).
+
+If your application uses the Reactive stack (quarkus-rest / quarkus-rest-jackson), then the Servlet API is not supported.
+In this case, adding the quarkus-undertow dependency will not enable servlet injection and will result in runtime errors.
+
 === Exception handler method return types
 
 The following method return types are supported:
